在centos7上安裝microk8s

參考文檔

http://www.imooc.com/article/291860

https://www.jianshu.com/p/c4d404b7e894

安裝部署

# 操作系統換源

mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
#curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
yum clean all
yum makecache

 

# 關閉防火牆

systemctl stop firewalld.service            
systemctl disable firewalld.service        

# 安裝 snap

yum install epel-release -y
yum install yum-plugin-copr -y
yum copr enable ngompa/snapcore-el7
yum -y install snapd
systemctl enable --now snapd.socket
ln -s /var/lib/snapd/snap /snap

 

# 設置環境變量

否則會報錯 -bash: microk8s.kubectl: command not found
vi /etc/profile 

export PATH=$PATH:/snap/bin

source /etc/profile

 

# 調整時間和時區

否則會報錯 error: too early for operation, device not yet seeded or device model not acknowledged

yum install ntpdate -y
ntpdate ntp.sjtu.edu.cn
timedatectl set-timezone Asia/Shanghai

# snap 安裝 microk8s

#snap install microk8s --classic --channel=latest/stable
snap install microk8s --classic --channel=1.18.3/stable

# 查看 microk8s 信息 
snap info microk8s 

# 調整 microk8s 版本 
# snap refresh --channel=1.11/stable microk8s 
snap refresh --channel=latest/beta microk8s

 

# 調用 microk8s 命令

microk8s.kubectl get all

NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.152.183.1 <none> 443/TCP 171m

# 設置別名查看版本信息

snap alias microk8s.kubectl kubectl
kubectl version

 
# 管理microk8s

# 查看狀態
microk8s status 
# 啟動
microk8s start
# 停止
microk8s stop

 

 

# 配置ctr鏡像下載（不成功，正在嘗試，請使用docker方式獲取並導入鏡像）

vi /var/snap/microk8s/current/args/containerd.template.toml

vi /var/snap/microk8s/current/args/containerd.toml

[plugins]
  [plugins.cri]
    [plugins.cri.registry]
      [plugins.cri.registry.mirrors]
        [plugins.cri.registry.mirrors."docker.io"] endpoint = ["https://registry.docker-cn.com","registry.cn-hangzhou.aliyuncs.com"]

 

# 使用docker獲取鏡像並導入鏡像

# 安裝docker
yum install docker -y # 啟動docker systemctl start docker # 開機啟動docker systemctl enable docker # 查看docker狀態 systemctl status docker 

使用阿里雲的鏡像加速器

https://cr.console.aliyun.com/

sudo mkdir -p /etc/docker
sudo tee /etc/docker/daemon.json <<-'EOF' { "registry-mirrors": ["https://du8c1in9.mirror.aliyuncs.com"] } EOF sudo systemctl daemon-reload sudo systemctl restart docker

 

# 管理插件

snap alias microk8s.kubectl kubectl

# 附加插件
microk8s.enable dns dashboard ingress

# 去除插件
microk8s.disable dns dashboard ingress

# 查看狀態
kubectl get pods --all-namespaces 

# 查看詳情 
kubectl describe pod --all-namespaces
# 查看一個pod具體信息
kubectl describe pod -n kube-system kubernetes-dashboard-5c4844b787-kqt5

 如果啟動不了，看缺什么鏡像，使用以下腳本進行鏡像補充，注意版本已經要改成對應的，來源鏡像可以從阿里雲獲得

啟動后可以使用如下腳本，獲取需要的鏡像列表，然后逐個通過docker導入，加快速度。

kubectl describe pod --all-namespaces| grep "Pulling image"

 

# 使用docker下載，並轉存到microk8s.ctr中

運行以下腳本，將鏡像導入即可

https://github.com/maobuji/docker-library/blob/master/import/import1.18.3.sh

導入后查看鏡像信息 

microk8s.ctr images ls

 

# 檢查鏡像狀態,如果都是runing就啟動成功了。

[root@fan-vmwarelocal images]# kubectl get pods --all-namespaces 
NAMESPACE     NAME                                        READY   STATUS    RESTARTS   AGE
ingress       nginx-ingress-microk8s-controller-jqtcp     1/1     Running   0          8m8s
kube-system   coredns-588fd544bf-4fsrw                    1/1     Running   0          8m19s
kube-system   dashboard-metrics-scraper-59f5574d4-x7k4s   1/1     Running   0          8m10s
kube-system   kubernetes-dashboard-5c4844b787-fdrh9       1/1     Running   0          8m10s
kube-system   metrics-server-v0.2.1-95c9bd697-k74pg       2/2     Running   0          8m11s

 

# 使用本地映射訪問 dashboard

# 找到pod名
kubectl get pods --all-namespaces | grep dashboard

# 查看pod的開放端口, 一般是8443
kubectl describe --namespace kube-system pod/kubernetes-dashboard-6fd7f9c494-dgxlj

# 將pod的開放端口映射到本地,這個轉發命令行不能關閉
kubectl port-forward --namespace=kube-system --address=0.0.0.0 pod/kubernetes-dashboard-6fd7f9c494-dgxlj 8443:8443

訪問https://{ServerIP}:8443/ 就可以看到管控台界面了，需要使用token進行登錄，下面我們來獲取token

kubectl get secrets --all-namespaces | grep dashboard-token

kubectl describe --namespace kube-system secrets kubernetes-dashboard-token-khh2z
---------------------------------------------------------------------------
Name:         kubernetes-dashboard-token-khh2z
Namespace:    kube-system
Labels:       <none>
Annotations:  kubernetes.io/service-account.name: kubernetes-dashboard
              kubernetes.io/service-account.uid: 9114b171-7eee-4c83-ace9-6ebed56526b0

Type:  kubernetes.io/service-account-token

Data
====
namespace:  11 bytes
token:      eyJhbGciOiJSUzI1NiIsImtpZCI6IlI1cTFUOTVfbHNpVzBOOXFWYWhZYU00cjg1VWJ1TXRFbDU2clJfQW9uZmsifQ.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJrdWJlLXN5c3RlbSIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VjcmV0Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZC10b2tlbi1raGgyeiIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50Lm5hbWUiOiJrdWJlcm5ldGVzLWRhc2hib2FyZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjkxMTRiMTcxLTdlZWUtNGM4My1hY2U5LTZlYmVkNTY1MjZiMCIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDprdWJlLXN5c3RlbTprdWJlcm5ldGVzLWRhc2hib2FyZCJ9.xCLVOivZRZlSGGP0UCn6ksOnYzo3vhq8bbDalEb8G2xSvGzzs4fT3JBcmdVxHWpmEjtIzan8Ok-cPjppzebzUbVjZYpOLnPpKzS6xiU-fxhrCfT6d0JOMaUdWw5Xoh_ydqavgw5kshyqh9M-LChWw6aw77JbxMYFAzfqEFn_p5J5f-V5eRfh3QzBzWG7NL93R1zqxMDiRuA09HLRi0rgIdwhRpsvdnVnNI900ro2jKT1h3fquSfEv_zzVtZkyj_Ia3jV0dOrL6RM73AkCiwWJ0UQcRRBdeBTQL8xrZPY8zARzUIVGxQHvAcHCN1V3orQDgXQvEZI48L1suLeGkYGrQ

輸入token后登錄，就能看到管理界面了

 

 

# 使用代理（未成功，可以看到界面，但無法登錄）

kubectl proxy --accept-hosts=.* --address=0.0.0.0

訪問：http://{ServerIP}:8001/api/v1/namespaces/kube-system/services/https:kubernetes-dashboard:/proxy/